NEW QUESTION 317
What is the valid range for VRID value in VRRP configuration?

A. 1­254
B. 1-255
C. 0-254
D. 0-255

Answer: B

NEW QUESTION 318
Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade?

A. Detects and blocks malware by correlating multiple detection engines before users are affected.
B. Configure rules to limit the available network bandwidth for specified users or groups.
C. Use UserCheck to help users understand that certain websites are against the company’s security policy.
D. Make rules to allow or block applications and Internet sites for individual applications, categories, and risk levels.

Answer: A

NEW QUESTION 319
Which command will reset the kernel debug options to default settings?

A. That is used to deploy the mobile device as a generator of one-time passwords for authenticating to an RSA Authentication Manager.
B. Full Layer4 VPN -SSL VPN that gives users network access to all mobile applications.
C. Full layer3 VPN -IPSec VPN that gives users network access to all mobile applications.
D. You can make sure that documents are sent to the intended recipients only.

Answer: C

NEW QUESTION 322
What does the following command do?
vpn crl_zap

A. Nothing, it is not a valid command.
B. Erases all CRLs from the gateway cache.
C. Erases VPN certificates from cache.
D. Erases CRLs from the management server cache.

NEW QUESTION 323
Firewall policies must be configured to accept VRRP packets on the GAiA platform if it runs Firewall software. The Multicast destination assigned by the Internet Assigned Numbers Authority (IANA) for VRRP is ____.

A. 224.0.0.18
B. 224.0.0.5
C. 224.0.0.102
D. 224.0.0.22

Answer: A

NEW QUESTION 324
Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?

A. UDP port 265
B. TCP port 265
C. UDP port 256
D. TCP port 256

Answer: D

NEW QUESTION 325
GAiA greatly increases operational efficiency by offering an advanced and intuitive software update agent, commonly referred to as the ____.

NEW QUESTION 329
What is the responsibility of SOLR process on R80.10 management server?

A. Validating all data before it’s written into the database.
B. It generates indexes of data written to the database.
C. Communication between SmartConsole applications and the Security Management Server.
D. Writing all information into the database.

Answer: B

NEW QUESTION 330
VPN Tunnel Sharing can be configured with any of the options below, EXCEPT ____.

A. Gateway-based
B. Subnet-based
C. IP range based
D. Host-based

Answer: C

NEW QUESTION 331
You want to store the GAiA configuration in a file for later reference. What command should you use?

NEW QUESTION 336
What makes Anti-Bot unique compared to other Threat Prevention mechanisms, such as URL Filtering, Anti-Virus, IPS, and Threat Emulation?

A. Anti-Bot is the only countermeasure against unknown malware.
B. Anti-Bot is the only protection mechanism which starts a counter-attack against known Command & Control Centers.
C. Anti-Bot is the only signature-based method of malware protection.
D. Anti-Bot is a post-infection malware protection to prevent a host from establishing a connection to a Command & Control Center.

Answer: D

NEW QUESTION 337
SmartEvent does NOT use which of the following procedures to identify events?

A. Matching a log against each event definition
B. Create an event candidate
C. Matching a log against local exclusions
D. Matching a log against global exclusions

Answer: C

NEW QUESTION 338
In Gaia, if one is unsure about a possible command, what command lists all possible commands?

A. show all grep commands
B. show configuration
C. show commands
D. get all commands

Answer: C

NEW QUESTION 339
In which case is a Sticky Decision Function relevant?

NEW QUESTION 344
You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?

A. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules.
B. Create a separate Security Policy package for each remote Security Gateway.
C. Create network objects that restrict all applicable rules to only certain networks.
D. Run separate SmartConsole instances to login and configure each security Gateway directly.

Answer: B

NEW QUESTION 345
Tom has been tasked to install Check Point R80 in a distributed deployment. Before Tom installs the systems this way, how many machines will be need if he does NOT include a SmartConsole machine in his calculations?

A. One machine, but it needs to be installed using SecurePlatform for compatibility purposes.
B. One machine.
C. Two machines.
D. Three machines.

Answer: C

NEW QUESTION 346
The command ____ provides the most complete restoration of a R80 configuration.

NEW QUESTION 347
Which of the following statements is TRUE about R80 management plug-ins?

A. The plug-in is a package installed on the Security Gateway.
B. Installing a management plug-in requires a Snapshot, just like any upgrade process.
C. A management plug-in interacts with a Security Management Server to provide new features and support for new products.
D. Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in.

NEW QUESTION 350
Which features are only supported with R80.10 Gateways but not R77.x?

A. Access Control policy unifies the Firewall, Application Control & URL Filtering, Data Awareness, and Mobile Access Software Blade policies.
B. Limits the upload and download throughput for streaming media in the company to 1 Gbps.
C. The rule base can be built of layers, each containing a set of the security rules.
Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.
D. Time object to a rule to make the rule active only during specified times.

Answer: C

NEW QUESTION 351
For best practices, what is the recommended time for automatic unlocking of locked admin accounts?

A. Dynamic objects are available in the Object Explorer
B. SecureXL can be disabled in cpconfig
C. fwaccel commands can be used in clish
D. Only one packet in a stream is seen in a fw monitor packet capture

Answer: C

NEW QUESTION 353
What is the command to show SecureXL status?

A. fwaccel status
B. fwaccel stats ­m
C. fwaccel -s
D. fwaccel stat

Answer: D

NEW QUESTION 354
Which web services protocol is used to communicate to the Check Point R80 identity Awareness Web APi?

A. SOAP
B. REST
C. XLANG
D. XML-RPC

Answer: B

NEW QUESTION 355
Which file gives you a list of all security servers in use, including port number?

NEW QUESTION 357
GAiA Software update packages can be imported and installed offline in situation where ____.

A. Security Gateway with GAiA does NOT have SFTP access to Internet
B. Security Gateway with GAiA does NOT have access to Internet
C. Security Gateway with GAiA does NOT have SSH access to internet
D. The desired CPUSE package is ONLY available in the Check Point CLOUD

Answer: B

NEW QUESTION 358
The Event List within the Events tab contains ____.

A. a list of options available for running a query
B. the top events, destinations, sources, and users of the query results, either as a chart or in a tallied list
C. events generated by a query
D. the details of a selected event

Answer: C

NEW QUESTION 359
What is mandatory for ClusterXL to work properly?

A. The number of cores must be the same on every participating cluster node.
B. The Magic MAC number must be unique per cluster node.
C. The Sync Interface must not have an IP address configured.
D. If you have “Non-monitored Private” interfaces, the number of those interfaces must be the same on all cluster members.

Answer: B

NEW QUESTION 360
Which one of the following processes below would not start if there was a licensing issue?

A. CPD
B. CPCA
C. FWM
D. CPWD

Answer: A

NEW QUESTION 361
Aaron is a Cyber Security Engineer working for Global Law Firm with large scale deployment of Check Point Enterprise Appliances using GAiA/R80.10. Company’s Network Security Developer Team is having issue testing new API with newly deployed R80.10 Security Management Server and blames Check Point Security Management Server as root cause. The ticket has been created and issue is at Aaron’s desk for an investigation. What do you recommend as the best suggestion for Aaron to make sure API testing works as expected?

A. Aaron should check API Server status from expert CLI by “fwm api status” and if it’s stopped he should start using command “fwm api start” on Security Management Server.
B. Aaron should check API Server status from expert CLI by “cpapi status” and if it’s stopped he should start using command “cpapi start” on Security Management Server.
C. Aaron should check API Server status from expert CLI by “api status” and if it’s stopped he should start using command “api start” on Security Management Server.
D. Aaron should check API Server status from expert CLI by “cpm api status” and if it’s stopped he should start using command “cpm api start” on Security Management Server.

Answer: C

NEW QUESTION 362
What utility would you use to configure route-based VPNs?

A. vpn
shell
B. vpn
tu
C. vpn sw_topology
D. vpn
set_slim_server

Answer: A

NEW QUESTION 363
Where do you create and modify the Mobile Access policy in R80?

A. SmartConsole
B. SmartMonitor
C. SmartEndpoint
D. SmartDashboard

Answer: A

NEW QUESTION 364
Customer’s R80 management server needs to be upgraded to R80.10. What is the best upgrade method when the management server is not connected to the Internet?